CVSS: 6.5EPSS: 0%CPEs: 38EXPL: 0CVE-2009-2416 – mingw32-libxml2: Pointer use-after-free flaws by parsing Notation and Enumeration attribute types
https://notcve.org/view.php?id=CVE-2009-2416
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework. Múltiples vulnerabilidades de uso anterior a la liberación en libxml2 v2.5.10, v2.6.16, v2.6.26, v2.6.27, y v2.6.32, y libxml v1.8.17, permite a atacantes dependientes de contexto producir una denegación de servicio (caída de aplicación) a través de una ,manipulación de (1) una notación o (2) tipos de atributo de enumeración en un fichero XML como se demostró en Codenomicon XML fuzzing framework. • http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html http://secunia.com/advisories/35036 http://secunia.com/advisories/36207 http://secunia.com/advisories/36338 http://secunia • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 15EXPL: 2CVE-2009-1891 – httpd: possible temporary DoS (CPU consumption) in mod_deflate
https://notcve.org/view.php?id=CVE-2009-1891
The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption). El módulo mod_deflate en Apache httpd v2.2.11 y anteriores comprime archivos de gran tamaño hasta finalizar incluso después de que la conexión de red asociada está cerrada, lo cual permite a atacantes remotos provocar una denegación de servicio (consumo de CPU). • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html http://marc.info/?l=apache-httpd-dev&m=124621326524824&w=2 http://marc.info/?l=apache-httpd-dev&m=124661528519546&w=2 http://marc.info/?l=bugtraq&m=129190899612998&w=2 http://marc.info/? • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.1EPSS: 2%CPEs: 14EXPL: 0CVE-2009-1890 – httpd: mod_proxy reverse proxy DoS (infinite loop)
https://notcve.org/view.php?id=CVE-2009-1890
The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests. La función stream_reqbody_cl de mod_proxy_http.c en el módulo mod_proxy del Servidor HTTP de Apache anterior a v2.3.3, cuando está configurado un proxy inverso, no maneja adecuadamente un flujo de datos que exceda el valor de Content-Length (Longitud del Contenido), esto permite a atacantes remotos provocar una denegación de servicio (consumo de la CPU) a través de una solicitud manipulada. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html http://marc.info/?l=bugtraq&m=129190899612998&w=2 http://osvdb.org/55553 http://secunia.com/advisories/35691 http://secunia.com/advisories/35721 http://secunia.com/advisories/35793 http://secunia.com/advisories/35865 http://secunia.com/advisories/37152 http://secunia.com/advisories/37221 http://security.gentoo.org/glsa/glsa-2009 • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.3EPSS: 3%CPEs: 15EXPL: 1CVE-2009-1837 – Firefox Race condition while accessing the private data of a NPObject JS wrapper class object
https://notcve.org/view.php?id=CVE-2009-1837
Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for memory associated with a destroyed Java object. Condición de carrera en la función NPObjWrapper_NewResolve en modules/plugin/base/src/nsJSNPRuntime.cpp en xul.dll en Mozilla Firefox v3 anteriores a v3.0.11 podría permitir a atacantes remotos ejecutar código arbitrario a través de una pagina de transición durante la carga de un applet de Java, relacionado con una vulnerabilidad uso-después-de-liberación para asociar memoria con un objeto Java destrozado. • http://secunia.com/advisories/34241 http://secunia.com/advisories/35331 http://secunia.com/advisories/35415 http://secunia.com/advisories/35431 http://secunia.com/advisories/35468 http://secunia.com/secunia_research/2009-19 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468 http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1 http://www.debian.org/security/2009/dsa-1820 http://www.mozilla.org/security/announce/2009/mfs • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.2EPSS: 92%CPEs: 9EXPL: 2CVE-2009-0714 – HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Denial of Service
https://notcve.org/view.php?id=CVE-2009-0714
Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets. Vulnerabilidad no especificada en el módulo dpwinsup (dpwinsup.dll) para dpwingad (dpwingad.exe) en HP Data Protector Express y Express SSE 3.x en versiones anteriores a build 47065 y Express y Express SSE 4.x en versiones anteriores a build 46537, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o lectura de porciones de memoria a través de uno o más paquetes manipulados. • https://www.exploit-db.com/exploits/9006 https://www.exploit-db.com/exploits/9007 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543 http://ivizsecurity.com/security-advisory-iviz-sr-09002.html http://secunia.com/advisories/35084 http://www.securityfocus.com/bid/34955 http://www.securitytracker.com/id?1022220 http://www.vupen.com/english/advisories/2009/1309 •